Open doronbl opened 5 years ago
I understand your concerns however the crash report information sent does not contain any sensitive data. Only data like the Python version, the local, the OS version etc. is sent along with a traceback.
The crash report is generated here in our code https://github.com/GNS3/gns3-server/blob/2.1/gns3server/crash_report.py#L96
And this is what we can see on our side, only GNS3 developers have access to it.
Also, crash report can be deactivated if you put report_errors = False
in the gns3_server.conf or by deselecting "Send anonymous crash reports" in the GUI preferences.
In the end, I think we should ask a question, at install time or the first time the application is launch, to ask if users want to participate in this.
Hi team,
I'm working with GNS3 REST API. Today I've found that my sensitive data might be sent to 3rd party without my agreement of it, and even without noticing me about it.
I run REST API to import project. The operation failed in GNS3 server. In the GNS3 server logs I've noticed the following: 2019-04-04 15:45:45 DEBUG base.py:726 Sending message of length 5398 to https://sentry.io/api/38482/store/ 2019-04-04 15:45:46 INFO crash_report.py:136 Crash report sent with event ID: f2eb4b851831403882d6f9c5fcaa642d
Well, in these days you can't do that, sending user information to others.
This needs to be fixed immediately.
Full log:
Doron